inspec 1.4.0 → 1.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ef0dc3a6c0cc982b6b612b46bcac69afd4a42ef0
-  data.tar.gz: 29537e78197748969056d139a34c50aef0f1db2a
+  metadata.gz: bca4fcc30155e9c8a8e2ff7a8ce6fc2b597a8d79
+  data.tar.gz: e8c2c7f7b0c6769c471c02886926fa8413f3cadf
 SHA512:
-  metadata.gz: cc65160a882a9447c91069b4966edde3418a835d3fcb524867c67ce511df80ae4afd319f43e478c4af95999f0f0136c7bbb564ff07ed8731d7ad6b76e1974c0c
-  data.tar.gz: 37fa3f991ede6b6e69e80ee452fdd67de0be0666762f9b45b963da11e3a3e8a6d4e0706f63e3318cb5c77a89c46cd24db8582d01aaa0ea22ebce71f1537e7f8f
+  metadata.gz: 1e7937ad40da9cc29944dd82d3140275dc607e3970731b69945a7d523434778c304952b17742a75aec3482fceb6c7e6df0ec2f0f2b6928b90c878d4b6a3cfc68
+  data.tar.gz: 9b44c4bb35f154720e89e3844fb72fcea39f7f0491543a007faeb921f5dcaa5786d709bf33195f53111760832da040c580415969a86f443163a2442ebab3600c

data/CHANGELOG.md

@@ -1,7 +1,22 @@
 # Change Log
 
-## [1.4.0](https://github.com/chef/inspec/tree/1.4.0) (2016-11-04)
-[Full Changelog](https://github.com/chef/inspec/compare/v1.3.0...1.4.0)
+## [1.4.1](https://github.com/chef/inspec/tree/1.4.1) (2016-11-04)
+[Full Changelog](https://github.com/chef/inspec/compare/v1.4.0...1.4.1)
+
+**Fixed bugs:**
+
+- Passing attributes to inherited profiles [\#1250](https://github.com/chef/inspec/issues/1250)
+
+**Closed issues:**
+
+- RFC: Harmonize profile location targets in inspec.yml/kitchen.yml/audit cookbook [\#1227](https://github.com/chef/inspec/issues/1227)
+
+**Merged pull requests:**
+
+- Fix attributes in profile dependencies [\#1258](https://github.com/chef/inspec/pull/1258) ([chris-rock](https://github.com/chris-rock))
+
+## [v1.4.0](https://github.com/chef/inspec/tree/v1.4.0) (2016-11-04)
+[Full Changelog](https://github.com/chef/inspec/compare/v1.3.0...v1.4.0)
 
 **Fixed bugs:**
 

data/examples/inheritance/README.md

@@ -7,13 +7,59 @@ This example shows the use of InSpec [profile](../../docs/profiles.rst) inherita
 InSpec ships with built-in features to verify a profile structure.
 
 ```bash
-$ inspec check examples/inheritance --profiles-path examples
+$ inspec check examples/inheritance
 ```
 
 ## Execute a profile
 
-To run a profile on a local machine use `inspec exec /path/to/profile`.
+To run a profile on a local machine use `inspec exec /path/to/profile`. All dependencies are automatically resolved.
 
 ```bash
-$ inspec exec examples/inheritance --profiles-path examples
+$ inspec exec examples/inheritance
+```
+
+## Set attributes for dependent profiles
+
+Without setting attributes, an `inspec exec` would return the following:
+
+```
+$ inspec git:(master) ✗ b inspec exec examples/inheritance
+
+Profile: InSpec example inheritance (inheritance)
+Version: 1.0.0
+Target:  local://
+
+
+  ○  gordon-1.0: Verify the version number of Gordon (1 skipped)
+     ○  Can't find file "/tmp/gordon/config.yaml"
+     ✔  File  content should match nil
+  ✔  ssh-1: Allow only SSH Protocol 2
+     ✔  File /bin/sh should be owned by "root"
+
+  File /tmp
+     ✔  should be directory
+  alice should
+     ✖  eq "bob"
+
+     expected: "bob"
+          got: "alice"
+
+     (compared using ==)
+
+  should eq
+     ✖  "secret"
+
+     expected: "secret"
+          got: nil
+
+     (compared using ==)
+
+
+Test Summary: 3 successful, 2 failures, 1 skipped
+```
+
+To pass in attributes, just call:
+
+```
+$ inspec exec examples/inheritance --attrs examples/profile-attribute.yml
 ```

data/examples/inheritance/controls/example.rb

@@ -2,6 +2,7 @@
 # copyright: 2016, Chef Software, Inc.
 # license: All rights reserved
 
+# manipulate controls of `profile`
 include_controls 'profile' do
   skip_control 'tmp-1.0'
 
@@ -9,3 +10,6 @@ include_controls 'profile' do
     impact 0.0
   end
 end
+
+# load all controls of `profile-attribute`
+include_controls 'profile-attribute'

data/examples/inheritance/inspec.yml

@@ -11,3 +11,5 @@ supports:
 depends:
   - name: profile
     path: ../profile
+  - name: profile-attribute
+    path: ../profile-attribute

data/lib/inspec/dependencies/dependency_set.rb

@@ -14,9 +14,9 @@ module Inspec
     # @param cwd [String] Current working directory for relative path includes
     # @param vendor_path [String] Path to the vendor directory
     #
-    def self.from_lockfile(lockfile, cwd, cache, backend)
+    def self.from_lockfile(lockfile, cwd, cache, backend, opts = {})
       dep_tree = lockfile.deps.map do |dep|
-        Inspec::Requirement.from_lock_entry(dep, cwd, cache, backend)
+        Inspec::Requirement.from_lock_entry(dep, cwd, cache, backend, opts)
       end
 
       dep_list = flatten_dep_tree(dep_tree)

data/lib/inspec/dependencies/requirement.rb

@@ -14,16 +14,16 @@ module Inspec
       new(dep[:name], dep[:version], cache, opts[:cwd], opts.merge(dep))
     end
 
-    def self.from_lock_entry(entry, cwd, cache, backend)
+    def self.from_lock_entry(entry, cwd, cache, backend, opts = {})
       req = new(entry[:name],
                 entry[:version_constraints],
                 cache,
                 cwd,
-                entry[:resolved_source].merge(backend: backend))
+                entry[:resolved_source].merge(backend: backend).merge(opts))
 
       locked_deps = []
       Array(entry[:dependencies]).each do |dep_entry|
-        locked_deps << Inspec::Requirement.from_lock_entry(dep_entry, cwd, cache, backend)
+        locked_deps << Inspec::Requirement.from_lock_entry(dep_entry, cwd, cache, backend, opts)
       end
       req.lock_deps(locked_deps)
       req
@@ -85,6 +85,7 @@ module Inspec
       @fetcher ||= Inspec::CachedFetcher.new(opts, @cache)
     end
 
+    # load dependencies of the dependency
     def dependencies
       @dependencies ||= profile.metadata.dependencies.map do |r|
         Inspec::Requirement.from_metadata(r, @cache, cwd: @cwd, backend: @backend)
@@ -95,9 +96,9 @@ module Inspec
       name
     end
 
+    # load the profile for the requirement
     def profile
       return @profile if ! @profile.nil?
-
       opts = @opts.dup
       opts[:backend] = @backend
       if !@dependencies.nil?

data/lib/inspec/profile.rb

@@ -60,13 +60,14 @@ module Inspec
       @profile_id = options[:id]
       @cache = options[:cache] || Cache.new
       @backend = options[:backend] || Inspec::Backend.create(options)
+      @attr_values = options[:attributes]
       @source_reader = source_reader
       @tests_collected = false
       @libraries_loaded = false
       Metadata.finalize(@source_reader.metadata, @profile_id)
       @runner_context =
         options[:profile_context] ||
-        Inspec::ProfileContext.for_profile(self, @backend, options[:attributes])
+        Inspec::ProfileContext.for_profile(self, @backend, @attr_values)
     end
 
     def name
@@ -350,7 +351,7 @@ module Inspec
     end
 
     def load_dependencies
-      Inspec::DependencySet.from_lockfile(lockfile, cwd, @cache, @backend)
+      Inspec::DependencySet.from_lockfile(lockfile, cwd, @cache, @backend, { attributes: @attr_values })
     end
 
     private

data/lib/inspec/runner.rb

@@ -116,7 +116,7 @@ module Inspec
     def load_attributes(options)
       attributes = {}
       # read endpoints for secrets eg. yml file
-      secrets_targets = options['attrs']
+      secrets_targets = options[:attrs]
       unless secrets_targets.nil?
         secrets_targets.each do |target|
           secrets = Inspec::SecretsBackend.resolve(target)
@@ -124,7 +124,9 @@ module Inspec
           attributes = attributes.merge(secrets.attributes) unless secrets.nil? || secrets.attributes.nil?
         end
       end
-      options['attributes'] = attributes
+      options[:attributes] = options[:attributes] || {}
+      options[:attributes] = options[:attributes].merge(attributes)
+      options[:attributes]
     end
 
     #

data/lib/inspec/version.rb

@@ -4,5 +4,5 @@
 # author: Christoph Hartmann
 
 module Inspec
-  VERSION = '1.4.0'.freeze
+  VERSION = '1.4.1'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.4.1
 platform: ruby
 authors:
 - Dominik Richter